Public bug reported: Binary package hint: squid
Dear colleagues, squid-2.X and squid-3.x are vulnerable. Message from NVD: The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers. This applies to all squid packages in our supported releases. Severity: (from upstream: http://www.squid- cache.org/Advisories/SQUID-2007_2.txt) This problem allows any client trusted to use the service to perform a denial of service attack on the Squid service. ** Affects: squid (Ubuntu) Importance: Undecided Status: New ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2007-6239 ** Description changed: Binary package hint: squid Dear colleagues, squid-2.X and squid-3.x are vulnerable. Message from NVD: The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers. This applies to all squid packages in our supported releases. + + Severity: (from upstream: http://www.squid- + cache.org/Advisories/SQUID-2007_2.txt) + + This problem allows any client trusted to use the service to + perform a denial of service attack on the Squid service. ** Visibility changed to: Public -- [CVE-2007-6239] squid-2.X and squid-3.x are vulnerable https://bugs.launchpad.net/bugs/174352 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
